package com.meng.interceptor;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.resource.ResourceHttpRequestHandler;

import com.meng.anno.AuthAccess;

public class AuthInterceptor implements HandlerInterceptor {

    private static final Logger logger = LoggerFactory
            .getLogger(AuthInterceptor.class);

    @Override
    public boolean preHandle(HttpServletRequest request,
                             HttpServletResponse response, Object handler) throws Exception {
        //不检查静态资源
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Class clazz = handlerMethod.getBeanType();
        Annotation annotation = clazz.getAnnotation(AuthAccess.class);
        Method method = handlerMethod.getMethod();
        AuthAccess auth;
        String path = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
        logger.info("contextPath为  " + path);
        logger.info("请求的Controller为  " + clazz.getName());
        logger.info("请求的方法为   " + method.getName());
        if (annotation != null) {
            auth = (AuthAccess) annotation;
            String value = auth.authValue();
            if (value != null && value.equals("") == false) {
                String token = request.getParameter("token");
                if (!value.equals(token)) {
                    logger.info("没有权限：" + token);
                    response.sendRedirect(path + "/authException");
                    return false;
                }
                auth = method.getAnnotation(AuthAccess.class);
                if (auth != null) {
                    if (!value.equals(token)) {
                        logger.info("没有权限：" + token);
                        response.sendRedirect(path + "/authException");
                        return false;
                    }
                }
            }
        } else {
            auth = method.getAnnotation(AuthAccess.class);
            if (auth != null) {
                String value = auth.authValue();
                String token = request.getParameter("token");
                if (!value.equals(token)) {
                    logger.info("没有权限：" + token);
                    response.sendRedirect(path + "/authException");
                    return false;
                }
            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request,
                           HttpServletResponse response, Object handler,
                           ModelAndView modelAndView) throws Exception {
        // TODO Auto-generated method stub

    }

    @Override
    public void afterCompletion(HttpServletRequest request,
                                HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
        // TODO Auto-generated method stub

    }

}
